trafficjam
Accept traffic to the reverse proxy
Per the current principle of operation, traffic within the subnet is dropped unless it is already established or comes from the whitelisted containers (most likely just the reverse proxy container).
However, there are legitimate cases for containers to initiate connections to the reverse proxy as well. For example, an SSO integration would need to have access to the auth service via the reverse proxy.
With the current implementation, one can either 1. add the containers to the whitelist or 2. turn on ALLOW_HOST_TRAFFIC and make the connection via a host port, but both would have a larger attack surface than allowing some containers to initiate the connection to the reverse proxy within the subnet.
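Added example, not part of the original issue and not trafficjam's own code: a small model of which new connections each choice permits inside the subnet, comparing option 1 (whitelisting the container) with the requested rule (accepting new connections only when the destination is the reverse proxy). The container names, the `to_proxy_sources` parameter and the rule model are assumptions made for illustration; ALLOW_HOST_TRAFFIC is not modelled.

```python
from itertools import permutations

# Constructed sample subnet; all container names are hypothetical.
CONTAINERS = {"proxy", "auth", "app", "db"}
PROXY = "proxy"


def allowed_new_flows(whitelist, to_proxy_sources=frozenset()):
    """Return the (src, dst) pairs allowed to open a NEW connection.

    Models only connection initiation inside the subnet: replies on
    established connections are always accepted and are left out.
    """
    flows = set()
    for src, dst in permutations(sorted(CONTAINERS), 2):
        if src in whitelist:
            # A whitelisted source may initiate to every container.
            flows.add((src, dst))
        elif dst == PROXY and src in to_proxy_sources:
            # Requested rule (assumed form): accept only when the
            # destination is the reverse proxy.
            flows.add((src, dst))
    return flows


def added_exposure(baseline, candidate):
    """Flows a candidate policy permits beyond the baseline."""
    return candidate - baseline


# Current behaviour: only the reverse proxy is whitelisted.
BASELINE = allowed_new_flows({PROXY})
# Option 1 from the issue: add the SSO client ("app") to the whitelist.
OPTION_WHITELIST = allowed_new_flows({PROXY, "app"})
# Requested behaviour: "app" may initiate to the proxy and nothing else.
OPTION_TO_PROXY = allowed_new_flows({PROXY}, to_proxy_sources={"app"})

if __name__ == "__main__":
    for name, policy in (("whitelist app", OPTION_WHITELIST),
                         ("app -> proxy only", OPTION_TO_PROXY)):
        extra = sorted(added_exposure(BASELINE, policy))
        print(f"{name}: {len(extra)} extra flow(s): {extra}")
```
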